﻿using IdentityServer4.Models;
using IdentityServer4.Test;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;

namespace Server
{
    public class Config
    {
        // scopes define the resources in your system
        public static IEnumerable<Scope> GetScopes()
        {
            return new List<Scope>
            {
                new Scope
                {
                    Name = "api1",
                    Description = "My API",
                },
                //如果想带有RefreshToken，那么必须设置：StandardScopes.OfflineAccess
                //IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess.
            };
        }
        public static IEnumerable<ApiResource> GetApiResources()
        {
            return new List<ApiResource>
             {
                 new ApiResource("api1", "My API"),
                  new ApiResource("api2", "My API")
             };
        }
        public static IEnumerable<Client> GetClients()
        {
            return new List<Client>
           {
                new Client
                {
                    ClientId = "client",  
                    // 没有交互性用户，使用 clientid/secret 实现认证。  
                    AllowedGrantTypes = GrantTypes.ClientCredentials,  
                    // 用于认证的密码  
                    ClientSecrets =
                    {
                        new Secret("secret".Sha256())
                    },  
                    // 客户端有权访问的范围（Scopes）  
                    AllowedScopes = { "api1" }
                },
                //Resource Owner Password模式
                new Client
                {
                    //client_id
                    ClientId = "pwd_client",
                    AllowedGrantTypes = new string[] { GrantType.ResourceOwnerPassword },
                    //client_secret
                    ClientSecrets =
                    {
                        new Secret("pwd_secret".Sha256())
                    },
                    //scope
                    AllowedScopes =
                    {
                        "api1",
                        //如果想带有RefreshToken，那么必须设置：StandardScopes.OfflineAccess
                        //StandardScopes.OfflineAccess,
                    },
                    //AccessTokenLifetime = 3600, //AccessToken的过期时间， in seconds (defaults to 3600 seconds / 1 hour)
                    //AbsoluteRefreshTokenLifetime = 60, //RefreshToken的最大过期时间，就算你使用了TokenUsage.OneTimeOnly模式，更新的RefreshToken最大期限也是为这个属性设置的(就是6月30日就得要过期[根据服务器时间]，你用旧的RefreshToken重新获取了新RefreshToken，新RefreshToken过期时间也是6月30日)， in seconds. Defaults to 2592000 seconds / 30 day
                    //RefreshTokenUsage = TokenUsage.OneTimeOnly,   //默认状态，RefreshToken只能使用一次，使用一次之后旧的就不能使用了，只能使用新的RefreshToken
                    //RefreshTokenUsage = TokenUsage.ReUse,   //重复使用RefreshToken，RefreshToken过期了就不能使用了
                }
            };
        }
        public static List<TestUser> GetUsers()
        {
            return new List<TestUser>
            {
                new TestUser
                {
                    SubjectId = "1",
                    Username = "alice",
                    Password = "password"
                },
                new TestUser
                {
                    SubjectId = "2",
                    Username = "bob",
                    Password = "password"
                }
            };
        }
    }
}
